Most companies today understand the very real need to protect their data. Most invest significant funds to mitigate or prevent the threats that aim to compromise their data. Typically, the go to investment is a firewall on the edge of the network to protect against outside attacks. And that is a great start. But that is far from the end. Unfortunately, many companies don’t realize what to do with their security beyond the firewall and its capabilities.
Like many other things, data security is most effective when employing a multi-faceted approach. A combination of firewalls, IPS/IDS, web filters, malware protection, security polices, internal protection, etc. is going to be most effective. Unfortunately, “internal protection” is oft forgotten. In a lot of cases, the most vulnerable internal access is the wireless network. But it certainly does not have to be.
In less than an hour, one can install software and learn how to conduct a successful wireless attack that will take mere minutes to complete. I have witnessed credit card information stolen right from the air on an unsecured wireless network. In fact, I’ve witnessed it quite a few times. It really isn’t difficult, and it typically takes about 5 minutes. That same style of attack was also used to gain access to the servers housing the financial records of a different business. Fortunately, the attacks were being conducted to improve security. But plenty (if even most) are not for the benefit of anyone other than the attacker.
This very same type of attack can be conducted from the parking lot outside of a business. If the wireless reaches to the lot – as it often does – the attacker can go after your data from a car and you might never see them. Most companies don’t monitor their parking lots or inspect any car that may arrive for just a few minutes. Indeed, it could be a full-time job to do so.
So, what can be done? Well, the 2016 Data Breach Investigations Report from Verizon found that 63% of confirmed data breaches leverage a weak, default, or stolen password. Simply improving your password polices and enforcement will be a major step in the right direction. But there are also encryption methods, security protocols, and security centric configuration best practices that can go a long way as well. The best part is, those usually don’t cost very much and don’t typically require a major investment in hardware.
Ask yourself: do you know for sure that your wireless network is secure? Wouldn’t it be prudent to be able to answer “yes” to that question? The cost of an attack could be devastating – it often is. Are you willing to risk it? Or would it be easier, cheaper, and much less stressful to simply have an analysis conducted and find out what you can do to make your network more secure?